(keitai-l) Re: bwute! [i-mode ssh]

From: Wolfgang Slany <wsi_at_dbai.tuwien.ac.at>
Date: 12/13/01
Message-ID: <Pine.BSF.4.43.0112130412010.94036-100000@pulcherrima.dbai.tuwien.ac.at>
I know about the security problem. However, my procmail script scans the
complete header which cannot so easily be faked, actually quite difficult
I believe but please correct me if I am mistaken. And there are a couple
of additional features such as a password, so a faker must know my
procmail script and my handy settings and on top of that be able to fake
the complete header. If he can do all that without me finding out about
his attempts (otherwise I would of course immediatly shut down the
tunnel), he probably can become root on our site anyway despite our
firewall etc, so hacking into my account will not really be the weakest
link in our line of defense.

Wolfgang

On Thu, 13 Dec 2001, Thomas O'Dowd wrote:
> Nice try but not exactly secure me thinks... Firstly smtp is easy
> to fake so just because it appears from your imode keitai doesn't mean
> its from your imode keitai. So if I knew the address to send it to
> and a bit about your procmail settings, even though you get the
> stdout, I could probably run a couple of extra commands on your box
> and email myself in the process. You can do this of course but I
> wouldn't advertise it or give anyone your procmailrc :) Still nice hack.
>
> Tom.
>
> On Thu, Dec 13, 2001 at 03:42:24AM +0100, Wolfgang Slany wrote:
> >
> > I know the following is a suboptimal hack but it does exactly what I want.
> >
> > On my unix box I have a procmail script that, when a specially formatted
> > mail from *my* imode keitai reaches it, executes whatever commands that
> > are written in the mail body. The stdout is then sent back to my handy
> > email address.  This avoids the need to type in a password, so security is
> > not breached. Of course network sniffers could read these mails (but no
> > passwords are transmitted), and editing is limited to the level of
> > sh/ed/ex/sed/perl/wget etc, but it is amazing how much one can do with
> > these tools and some regex'es.
> >
> > If someone is interested, I can send the .procmailrc snippet.
> >
> > Best regards, Wolfgang
> >
> > Wolfgang SLANY mailto:slany@lixto.com
> > http://www.lixto.com/
> >
> > /
> >
> > Wolfgang SLANY mailto:wsi@dbai.tuwien.ac.at
> > http://www.dbai.tuwien.ac.at/staff/slany/
Received on Thu Dec 13 05:29:44 2001